[cross-compile] Make pkg/apparmor cross compilable #5084
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,28 +1,76 @@ | ||
| # syntax=docker/dockerfile-upstream:1.5.0-rc2-labs | ||
|
|
||
| # Copyright (c) 2023-2025 Zededa, Inc. | ||
| # SPDX-License-Identifier: Apache-2.0 | ||
|
|
||
| FROM --platform=${BUILDPLATFORM} lfedge/eve-alpine:0f2e0da38e30753c68410727a6cc269e57ff74f2 as builder-native-base | ||
| ENV BUILD_PKGS="linux-headers musl-dev musl-utils musl-libintl git gcc g++ \ | ||
| autoconf automake libtool make flex bison bash sed gettext" | ||
| ENV PKGS alpine-baselayout | ||
| RUN eve-alpine-deploy.sh | ||
|
|
||
| FROM --platform=${BUILDPLATFORM} lfedge/eve-cross-compilers:fb809cfb1909752acb563e0b77cd3799534bce64 AS cross-compilers | ||
|
|
||
| FROM builder-native-base as builder-cross-base | ||
| COPY --from=cross-compilers /packages /packages | ||
|
Contributor
There was a problem hiding this comment. Can you not just move This needs comments to make it clear what each one is doing, as well as how the whole flow works. I mostly get what you are doing, but miss some of the steps. |
||
|
|
||
| FROM builder-cross-base as builder-target-arm64 | ||
| ARG COMPILER_TARGET_ARCH=aarch64 | ||
|
Contributor
There was a problem hiding this comment. In the documentation (https://github.com/lf-edge/eve/blob/master/docs/BUILD.md#cross-compilation-support), we recommend to call this variable EVE_TARGET_ARCH, as used in other packages... not critical, but would be good to keep the pattern... |
||
|
|
||
| FROM builder-cross-base as builder-target-amd64 | ||
| ARG COMPILER_TARGET_ARCH=x86_64 | ||
|
|
||
| FROM --platform=${TARGETPLATFORM} lfedge/eve-alpine:0f2e0da38e30753c68410727a6cc269e57ff74f2 as target-sysroot | ||
| # Install the target sysroot | ||
| ENV BUILD_PKGS="musl-dev libgcc musl-libintl libintl linux-headers" | ||
| RUN eve-alpine-deploy.sh | ||
|
|
||
| #hadolint ignore=DL3006 | ||
| FROM builder-target-${TARGETARCH} as builder-target | ||
| # install cross compiler | ||
| #hadolint ignore=DL3006,DL3018 | ||
| RUN apk add --no-cache --allow-untrusted -X /packages "build-base-${COMPILER_TARGET_ARCH}" | ||
|
|
||
| FROM builder-target as builder-amd64-arm64 | ||
| ENV CONFIGURE_TARGETS="--build=aarch64-alpine-linux-musl --host=x86_64-alpine-linux-musl" | ||
| # copy libraries from target-sysroot | ||
| COPY --from=target-sysroot /usr/lib/ /usr/x86_64-alpine-linux-musl/lib/ | ||
|
Contributor
There was a problem hiding this comment. instead of copying the whole /usr/lib and /usr/include you can use an approach like this to create the target libraries: so you install only the libraries you need and they will be available at
Contributor
Author
There was a problem hiding this comment. @rene sure, I actually did not mean to merge it to be honest, but I can fix it 👍 |
||
| COPY --from=target-sysroot /usr/include/ /usr/x86_64-alpine-linux-musl/include/ | ||
| ENV CXX=x86_64-alpine-linux-musl-g++ | ||
|
|
||
|
|
||
| FROM builder-target as builder-arm64-amd64 | ||
| ENV CONFIGURE_TARGETS="--host=aarch64-alpine-linux-musl --build=x86_64-alpine-linux-musl" | ||
| # copy libraries from target-sysroot | ||
| COPY --from=target-sysroot /usr/lib/ /usr/aarch64-alpine-linux-musl/lib/ | ||
| COPY --from=target-sysroot /usr/include/ /usr/aarch64-alpine-linux-musl/include/ | ||
| ENV CXX=aarch64-alpine-linux-musl-g++ | ||
|
|
||
|
|
||
| FROM builder-native-base as builder-amd64-amd64 | ||
| ENV CONFIGURE_TARGETS= | ||
|
|
||
| FROM builder-native-base as builder-arm64-arm64 | ||
| ENV CONFIGURE_TARGETS= | ||
|
|
||
| #hadolint ignore=DL3006 | ||
| FROM builder-${TARGETARCH}-${BUILDARCH} as builder | ||
|
|
||
| ADD https://gitlab.com/apparmor/apparmor.git#v3.1.4 /apparmor | ||
| WORKDIR /apparmor/libraries/libapparmor | ||
| # hadolint ignore=SC2086 | ||
| RUN ./autogen.sh && \ | ||
| (./configure ${CONFIGURE_TARGETS} || cat ./config.log) && \ | ||
| make -j"$(nproc)" | ||
|
|
||
| WORKDIR /apparmor/parser | ||
| RUN ../common/list_af_names.sh > base_af_names.h && \ | ||
| make -j"$(nproc)" | ||
|
Contributor
Author
There was a problem hiding this comment. @christoph-zededa yeah.. I was lazy to look for the proper variable name |
||
|
|
||
| #Pull a selected set of artifacts into the final stage. | ||
| FROM scratch | ||
| COPY --from=builder /out/ / | ||
| COPY --from=builder /apparmor/parser/apparmor_parser /usr/bin/ | ||
| COPY /etc/ /etc | ||
| COPY /profiles/* /etc/apparmor.d | ||
| COPY aa-init.sh / | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FROM ... AS ... (as uppercase as well)...